DefendingAgainstSybilAttacksviaSocialNetworks.pptVIP

Defending Against Sybil Attacks via Social Networks Haifeng Yu School of Computing National University of Singapore Acknowledgments Talk based on three papers [SIGCOMM’06, ToN’08] (SybilGuard) [IEEE SP’08] (SybilLimit) Available on my homepage – google my name Co-authors: Phillip B. Gibbons Michael Kaminsky Feng Xiao Abie Flaxman Background: Sybil Attack Sybil attack: Single user pretends many fake/sybil identities I.e., Creating multiple accounts Already observed in real-world p2p systems Sybil identities can become a large fraction of all identities Background: Sybil Attack Enables malicious users to easily “out-vote” honest users Byzantine consensus – exceed the 1/3 threshold Majority voting – cast more than one vote DHT – control a large portion of the ring Recommendation systems – manipulate the recommendations Background: Defending Against Sybil Attack Using trusted central authority to tie identities to human beings – not always desirable Much harder without a trusted central authority [Douceur’02] Resource challenges not sufficient IP address-based approach not sufficient Widely considered as real challenging: Over 40 papers acknowledging the problem of sybil attack, without having a distributed solution SybilGuard / SybilLimit Basic Insight: Leveraging Social Networks Nodes = identities Undirected edges = strong mutual trust E.g., colleagues, relatives in real-world Not online friends! SybilGuard / SybilLimit Basic Insight n honest users: One identity/node each Malicious users: Multiple identities each (sybil nodes) SybilGuard/SybilLimit Basic Insight SybilGuard / SybilLimit End Guarantees Completely decentralized Enables any given verifier node to decide whether to accept any given suspect node Accept: Provide service to / receive service from Ideally: Accept and only accept honest nodes – unfortunately not possible SybilGuard / SybilLimit provably Bound # of accepted sybil nodes (w.h.p.) Accept all honest nodes except a small ? fract